We’ve recently spotted the publicly released, early-stage Python source code of a Bing-based SQL injection scanner that works from Bing “dorks”. How much potential does this tool have to cause widespread damage? Let’s find out.

Sample screenshots of the Python script in action:

In its current form, the tool isn’t capable of causing widespread damage, because it doesn’t come with a pre-defined database of dorks for cybercriminals to take advantage of. The fact that they’d have to enter the dorks manually greatly diminishes the tool’s potential for causing widespread damage. However, now that the source code is publicly obtainable, we believe that fellow cybercriminals inspired by the initial idea will add further related features to it, either releasing the modified version for everyone to take advantage of, or monetizing the newly introduced features by pitching it as a private release.

Naturally, we’ll be monitoring its future development and will post updates as soon as new developments emerge.